Releases: zaproxy/zap-extensions
Releases · zaproxy/zap-extensions
Automation Framework version 0.0.1
- First version.
Wappalyzer - Technology Detection version 21.1.0
Changed
- Updated with upstream Wappalyzer icon and pattern changes.
- Now using 2.10 logging infrastructure (Log4j 2.x).
Added
- Support for DOM patterns, aligning with the upstream project (Issue 6180).
Encoder version 0.5.0
Changed
- Remove "Advanced" in help page.
Passive scanner rules (alpha) version 30
Changed
- Now targeting ZAP 2.10.
- The In Page Banner Information Leak scan rule and Site Isolation scan rule now support Custom Page definitions.
- Update links to zaproxy repo.
Passive scanner rules version 33
Added
- Added Express error string pattern (Issue 6412).
Changed
- X-Frame-Options (XFO) scan rule no longer suggests the use of "ALLOW-FROM", and also includes CSP "frame-ancestors" as an alternative.
- XFO headers implementing "ALLOW-FROM" will now be considered malformed.
- The Suspicious Comments scan rule will raise one alert per pattern per page and use more suitable evidence.
Windows WebDrivers version 25
Changed
- Update ChromeDriver to 88.0.4324.96.
MacOS WebDrivers version 24
Changed
- Update ChromeDriver to 88.0.4324.96.
Linux WebDrivers version 25
Changed
- Update ChromeDriver to 88.0.4324.96.
Passive scanner rules version 32
Changed
- The Suspicious Comments scan rule will include the offending line as evidence.
- The Suspicious Comments scan rule will raise one alert per finding, instead of one aggeregated alert per HTTP message.
Windows WebDrivers version 24
Changed
- Update geckodriver to 0.29.0.